[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Fixing the nasty RaQ Hack

Subject: Re: [cobalt-users] Fixing the nasty RaQ Hack
From: "Richard Donahue" <ebs@xxxxxxxxxxxxxxxx>
Date: Thu Jan 23 09:05:32 2003
Organization: EBS
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

----- Original Message -----
From: "Jeff Lasman" <jblists@xxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Tuesday, January 21, 2003 1:26 PM
Subject: [cobalt-users] Fixing the nasty RaQ Hack


> I'm posting this information to a few of the lists because some fairly
> intelligent people have written me unsure of exactly what they have to
> do to protect agains the nasty hack going around that completely
> destroys all the content on RaQ4s.
>
> You really need to do this.  If you can't do it yourself, have someone
> do it for you.
>
> This information comes from various sources, and is presented as a
> simple recipe for your convenience.  All liability disclamers in effect
> of course.  If you need someone to be responsible for the work, then
> find someone to do it for you.
>
> First of all, according to the docs published for the hack, a quick fix
> is to chmod 755 /usr/lib/authenticate if it's not already set to that.
>
> Second, according to Michael, make sure you've got the latest update for
> apache, patch 15787, from the Cobalt package site.
>
> Third, upgrade OpenSSL to Version 0.9.7; you can get RPMs from
> ftp://ftp.nacs.net/pub/software/cobalt_raq4
>
>   openssl-0.9.7-1.i386.rpm
>   openssl-0.9.7-1.src.rpm
>   openssl-devel-0.9.7-1.i386.rpm
>   openssl-doc-0.9.7-1.i386.rpm
>
> Fourth, upgrade OpenSSH, either from solarspeed.net
> (http://www.solarspeed.net/downloads/index.php), or from pkgmaster:
> (http://pkgmaster.com/packages/raq/4/).  (Required, previous versions of
> SSH may not work properly with the rpm versions of OpenSSL.)
>
> Sixth, make frequent backups; this is nasty and destroys most of the
> content on your RaQ.
>
> Seventh, cross your fingers.
>
> Jeff
> --
> Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
> Internet & Unix/Linux/Sun/Cobalt Consulting +1 909 778-9980
> Our jblists address used on lists is for list email only
> To contact us offlist: "http://www.nobaloney.net/contactus.html";

Jeff,

When upgrading to openssl-0.9.7, if I just install the rpm,
openssl-0.9.7-1.i386.rpm, on my Raq 4 will it break anything? I noticed 2
other rpms you have listed aren't there.

Rich
EBS


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.443 / Virus Database: 248 - Release Date: 01/10/2003

Follow-Ups:
- Re: [cobalt-users] Fixing the nasty RaQ Hack
  - From: Steve Bassi

References:
- [cobalt-users] Fixing the nasty RaQ Hack
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] OT: Interesting, Domain Refinery, Relay Attempts
Next by Date: RE: [cobalt-users] RAQ4 Backup
Previous by thread: RE: [cobalt-users] Fixing the nasty RaQ Hack
Next by thread: Re: [cobalt-users] Fixing the nasty RaQ Hack

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index